CVE-2026-37749

Published April 17th, 2026

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php.

menevarad007/CVE-2026-37749

CVE-2026-37749 — CodeAstro Simple Attendance Management System 1.0 - SQL Injection

GitHub